Disabling trunk interfaces - Page 2

eugeneworon · ‎07-27-2025

Hello!
There is such a problem in the network. There is a C9500-40X core, it is responsible only for the user segment of the LAN (desktop PC, IP phones, printers, air conditioners, UPS, video cameras, etc.). Eleven floors are connected to it via MM fiber, two Cisco SFP-10G-SR-S modules, on each floor there is a stack of two or three C9300-48P, several neighboring buildings are also connected via SM fiber, two Cisco SFP+ 10G LRM modules, interfaces are aggregated everywhere. Everything was always fine, but for a month now, every week, the connection with the fifth floor is lost, maybe during the day, maybe at night. I changed the SFP modules both on the floor and on the core, changed the optical patch cord and rebooted the stack on the fifth floor. If you look at the channel status on the stack, when the connection is lost, then the aggregated interfaces show suspended at this time, at the moment I have disassembled the aggregation between the floor and the core, last night the connection was lost again, but after four minutes it was restored by itself.

The network core is a VTPv3 Primary Server domain, all other switches are clients. In general, there are no problems in the network globally. I cannot understand whether there is a loop somewhere, or the problem is in the optical line between the floor and the server room. The building is new, less than three years ago it was put into operation.

On July 22, when I first disassembled the aggregation on the fifth floor, then began to disassemble the network core, but did not physically disconnect the fiber optics, the network went down in the user segment, rose immediately after the physical disconnection of the fiber optics to the fifth floor. What broadcast\multicast indicator is considered abnormal if there is a loop in the network?

C9300 Port settings

Spoiler

interface GigabitEthernet1/0/1-48
description --Client access--
switchport access vlan 30
switchport mode access
switchport nonegotiate
switchport voice vlan 111
load-interval 60
udld port aggressive
storm-control broadcast level 20.00
storm-control multicast level 87.00 65.00
storm-control unicast level 87.00 65.00
spanning-tree portfast
spanning-tree bpduguard enable

interface TenGigabitEthernet3/1/8
description -to C9500-Core-
switchport trunk native vlan 100
switchport mode trunk
switchport nonegotiate

interface GigabitEthernet1/0/1-48description --Client access--switchport access vlan 30switchport mode accessswitchport nonegotiateswitchport voice vlan 111load-interval 60udld port aggressivestorm-control broadcast level 20.00storm-control multicast level 87.00 65.00storm-control unicast level 87.00 65.00spanning-tree portfastspanning-tree bpduguard enableinterface TenGigabitEthernet3/1/8description -to C9500-Core-switchport trunk native vlan 100switchport mode trunkswitchport nonegotiate

Spoiler

MHM Cisco World · ‎07-29-2025

Share

Show port-channel summary <<- in core and floor SW with issue

MHM

eugeneworon · ‎07-29-2025

Spoiler

Leo Laohoo · ‎07-29-2025

@eugeneworon wrote:
I had to remove the port aggregation to check.

This information was not in available to us.

Put the etherchannel config back in.

If the link (with/without etherchannel) went down overnight, post the complete output of the following command taken from the 9500:

sh log | include [23]/1/8

eugeneworon · ‎07-29-2025

There is no information output, both on the core and on the fifth floor switch

Spoiler

@Leo Laohoo написал (-а):
@eugeneworon wrote:
I had to remove the port aggregation to check.
Put the etherchannel config back in.

OK. I'll return the aggregation a little later.

Leo Laohoo · ‎07-29-2025

@eugeneworon wrote:
There is no information output

That's because the "sh log" filter is incorrect.

Please use the following command:

sh log | include [23]/1/8

marce1000 · ‎07-29-2025

- @eugeneworon I don't want to stress my opinions , but you really need to engage in configuring logging and examine logs, especially when dealing with intermittent issues or 'it was working before' (revisit my initial reply too!)

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

eugeneworon · ‎07-29-2025

I noticed that on all switches of the access or aggregation level, it shows the Vlan root role, but on the core it is designed. As I understand it, it has always been like this in the network, separately priority or root primary on Vlan is not configured

MHM Cisco World · ‎07-30-2025

Hi friend

From all of above

You have issue with PO it seems to me issue of unidirectional of one port of member port.

How we can check that

Show lacp counters <<- check if all PO port member send receive lacp

Show spanning tree interface <PO>

You must see PO only receive bdpu' i.e. receive bdpu count is increasing.

MHM

eugeneworon · ‎08-03-2025

I set up a port channel on Thursday, today it crashed again

Spoiler

I don't think it's aggregation. Without aggregation, the ports were also disconnected, but they turned on automatically within five minutes.

Leo Laohoo · ‎08-03-2025

Please read and understand the error message: The EtherChannel has been suspended, i. e. not even working, because the remote end is not configured as EtherChannel.

The switch then crashed because someone enabled auto-recovery of error-disable of EtherChannel, a really dumb thing to do.

MHM Cisco World · ‎08-03-2025

Thanks for sharing more info

But I was clear

I need to see

Show lacp counter <<- in both SW connect by PO with issue

Show spanning tree interface PO <<- in both SW connect by PO with issue

MHM